Fortinet black logo

Handbook

Assigning administrator users and network interfaces to VDOMs

Assigning administrator users and network interfaces to VDOMs

After creating the virtual domain, you can assign administrator users to manage it. These virtual domain administrators can access only the domain they are assigned.

For virtual domains in Independent Network mode, you need to assign network interfaces to the virtual domain. If the Virtual Domain Mode is Share Network (ADOM mode), all network interface settings are defaulted to the root settings, so assigning network interfaces is unnecessary.

Before you begin:
  • You must have super admin (admin administrator) or global admin permission to assign administrator users and network interfaces to virtual domains.
To create an administrator for a virtual domain:
  1. Go to System > Administrator.
  2. Click Create New to create an administrator.
  3. Configure administrator settings and select the virtual domain.
  4. Save the configuration.

When virtual domain administrators log into the FortiADC system, they do not see the Virtual Domain menu in the GUI. Instead, they only see configuration settings and data for the virtual domain they have been assigned to. Furthermore, the difference in what GUI and CLI functions are available to virtual domain administrators also depend on whether the Virtual Domain Mode is Independent Network or Share Network. For more information, see Virtual Domain (VDOM) and Administrative Domain (ADOM) overview.

To assign a network interface to a virtual domain:
  1. Go to Networking > Interface.
  2. Double-click an interface configuration or click Create New to create one.
  3. Configure interface settings and select the virtual domain.
  4. Save the configuration.

Assigning administrator users and network interfaces to VDOMs

After creating the virtual domain, you can assign administrator users to manage it. These virtual domain administrators can access only the domain they are assigned.

For virtual domains in Independent Network mode, you need to assign network interfaces to the virtual domain. If the Virtual Domain Mode is Share Network (ADOM mode), all network interface settings are defaulted to the root settings, so assigning network interfaces is unnecessary.

Before you begin:
  • You must have super admin (admin administrator) or global admin permission to assign administrator users and network interfaces to virtual domains.
To create an administrator for a virtual domain:
  1. Go to System > Administrator.
  2. Click Create New to create an administrator.
  3. Configure administrator settings and select the virtual domain.
  4. Save the configuration.

When virtual domain administrators log into the FortiADC system, they do not see the Virtual Domain menu in the GUI. Instead, they only see configuration settings and data for the virtual domain they have been assigned to. Furthermore, the difference in what GUI and CLI functions are available to virtual domain administrators also depend on whether the Virtual Domain Mode is Independent Network or Share Network. For more information, see Virtual Domain (VDOM) and Administrative Domain (ADOM) overview.

To assign a network interface to a virtual domain:
  1. Go to Networking > Interface.
  2. Double-click an interface configuration or click Create New to create one.
  3. Configure interface settings and select the virtual domain.
  4. Save the configuration.